Re: proper way to use an acl + stick-table to filter based on conn_cur

From: Willy Tarreau <>
Date: Fri, 18 Mar 2011 22:01:55 +0100

On Thu, Mar 17, 2011 at 10:30:33AM +0100, Martin Kofahl wrote:
> Do you know what's the differences between having the sticky-table on
> the front-end or on the back-end?

It does not really change anything except that when it's placed where you need it, you don't need to name it when using it.

> Am I right in assuming that that unused keep-alive connections would be
> counted on the front-end only and in-use connections if the sticky-table
> is on the back-end (option http-server-close)?

Not exactly. It depends on the rule that does the tracking. If the rule is in the frontend, then the connection should be counted for keep-alive sessions, because the rule will not be re-evaluated anymore on the connection. However if the rule is in the backend, then it will be released as soon as the server-side connection vanishes, in order to be able to evaluate a new one for new request over the same connection.

I'm sure it's a bit confusing when explained like this, but I really invite you to try by issuing "show table" via socat to the stats socket, it will make things a lot more clear.

Willy Received on 2011/03/18 22:01

This archive was generated by hypermail 2.2.0 : 2011/03/18 22:15 CET